Sean Kearney is an infrastructure support analyst and Microsoft MVP in Window PowerShell. He is absolutely passionate about automation technologies—especially Windows PowerShell. If you say, “Powershell,” he may just break into song. Sean considers himself “just a tech at heart,” but he can often be found dabbling with most Microsoft technologies at a moment’s notice. We have also been advised to keep him at arm’s length from any open Starbucks in Seattle. We have been advised that any rumors about him ever singing for Microsoft JobsBlog are completely unfounded. Complete rubbish. Let us just keep it between you and me, OK?

Big choice. Do I spend 60 minutes reading through a log file? Or do I try to find a quick way to parse for errors? I’ve looked at this log once before, and I noticed that bad lines were usually tagged with the word FATAL or WARNING.

This looks like a job for Windows POWERSHELL!

Our first task. Read that file. A simple Get-Content Cmdlet will do that.

Get-Content C:\Windows\WindowsUpdate.Log

But darn it. I need to filter out all the stuff I do not need. Fortunately, I know in Windows PowerShell each line of text is an object that I can compare. I can simply compare and see if an object in the pipeline contains the data with a Where-Object cmdlet and add a Like to see if anything is “like” this in the line. I pop some * about the characters to ignore Where it is in the line. Every little bit helps in this situation. A quick and dirty solution will meet my needs to find the answer now.

Ahhh, much nicer. But I realized I didn’t have my twelfth cup of coffee, so then I miss all the stuff. I am just not as fast as I should be with that PAUSE key. I wish I could pipe this into More to get screenfuls at a time…

With the logs parsing and showing me the real problem where the errors in the logs were, I was able to identify our update failure. With a quick search on BING through TechNet, I nailed the minor update needed and got him on his way.

The CIO thanked me later that day for a job well done. Bought me lunch too. I smiled. I never did let him know about my secret weapon: Windows POWERSHELL!

----------------------------------- Update of Terror End ---------------------------------

I completely agree there are better solutions. That is the beauty of Powershell that I COULD find a better way of doing this in the long term.

Also take note of the context as well. "The boss is breathing down your neck…"

Often in those scenarios you find you use what works first (Direct Access to the file thinking down the pipeline) and worry about cleaning it up later. In the field there are short term and long term solutions.

When you're patching something on the fly, sometimes you use a quick bandaid (Like the solution above) and then rethink the solution long term (Like what Martin suggested).